Recall the digital signature birthday attack discussed in Section 5.4. Suppose we modify the hashing scheme as follows: Given a message M that Alice wants to sign, she randomly selects R, then she computes the signature as S = [h(M, R)]A\ice, and sends (M, R, S) to Bob. Does this prevent the attack? Why or why not?
Already registered? Login
Not Account? Sign up
Enter your email address to reset your password
Back to Login? Click here